Vulnerability in Haydenbleasel Next-forge

CVE-2025-23027

next-forge is a Next.js project boilerplate for modern web application. The BASEHUB_TOKEN commited in apps/web/.env.example. Users should avoid use of this token and should remove any access it may have in their systems.

EPSS: 0.003 (18.3th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References